limit_except ignored

Maxim Khitrov max at mxcrypt.com
Sun Aug 21 18:27:34 UTC 2016


On Sun, Aug 21, 2016 at 1:43 PM, Maxim Khitrov <max at mxcrypt.com> wrote:
> Hi,
>
> I'm running nginx v1.9.10 on OpenBSD with the following server definition:
>
> server {
>     listen 80;
>     server_name example.com;
>     location / {
>         deny all;
>         limit_except POST {
>             allow all;
>             proxy_pass http://10.1.2.3;
>         }
>         proxy_set_header Host $host;
>     }
> }
>
> To my surprise, all GET requests are allowed and are passed to the
> backend server. Is this a bug or am I doing something stupid? In the
> final configuration I want to only allow GET requests, but I'm
> limiting to POST for now to simplify testing.
>
> -Max

I got it working by swapping 'allow' and 'deny' directives and moving
proxy_pass out of limit_except. I was just confused by the
documentation for limit_except. Sorry for the noise.



More information about the nginx mailing list